@catladder/pipeline 1.170.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bash/BashExpression.d.ts +1 -6
- package/dist/bash/BashExpression.js +2 -15
- package/dist/bash/bashEscape.d.ts +34 -0
- package/dist/bash/bashEscape.js +114 -0
- package/dist/bash/bashYaml.js +25 -2
- package/dist/bash/getInjectVarsScript.js +4 -2
- package/dist/bash/index.d.ts +2 -0
- package/dist/bash/index.js +26 -0
- package/dist/build/base/createAppBuildJob.js +3 -3
- package/dist/build/base/writeDotEnv.js +6 -4
- package/dist/build/custom/testJob.js +12 -12
- package/dist/build/docker.d.ts +3 -3
- package/dist/build/node/buildJob.js +1 -1
- package/dist/build/node/cache.d.ts +2 -4
- package/dist/build/node/cache.js +3 -24
- package/dist/build/node/testJob.js +11 -11
- package/dist/build/rails/build.js +1 -1
- package/dist/build/rails/test.js +8 -8
- package/dist/build/types.d.ts +0 -10
- package/dist/constants.js +1 -1
- package/dist/context/createComponentContext.js +0 -1
- package/dist/context/getEnvConfig.js +2 -1
- package/dist/context/getEnvironment.js +1 -2
- package/dist/context/getEnvironmentVariables.d.ts +5 -6
- package/dist/context/getEnvironmentVariables.js +50 -38
- package/dist/deploy/base/deploy.js +3 -3
- package/dist/deploy/cloudRun/createJobs/getCloudRunDeployScripts.js +2 -2
- package/dist/deploy/cloudRun/index.js +2 -2
- package/dist/deploy/cloudRun/utils/getServiceName.d.ts +1 -1
- package/dist/deploy/kubernetes/cloudSql/index.d.ts +2 -2
- package/dist/deploy/kubernetes/cloudSql/index.js +3 -14
- package/dist/deploy/kubernetes/deployJob.js +1 -3
- package/dist/deploy/kubernetes/index.js +2 -2
- package/dist/deploy/kubernetes/kubeEnv.d.ts +3 -3
- package/dist/deploy/kubernetes/kubeValues.d.ts +3 -4
- package/dist/deploy/kubernetes/kubeValues.js +2 -3
- package/dist/deploy/types/base.d.ts +0 -6
- package/dist/deploy/types/kubernetes.d.ts +1 -34
- package/dist/globalScriptFunctions/index.d.ts +14 -0
- package/dist/globalScriptFunctions/index.js +37 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +3 -1
- package/dist/pipeline/gitlab/createGitlabJobs.js +3 -5
- package/dist/pipeline/gitlab/createGitlabPipeline.d.ts +1 -0
- package/dist/pipeline/gitlab/createGitlabPipeline.js +38 -2
- package/dist/pipeline/packageManager.js +1 -1
- package/dist/runner/index.d.ts +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/types/config.d.ts +6 -9
- package/dist/types/context.d.ts +2 -9
- package/dist/types/gitlab-types.d.ts +1 -0
- package/dist/types/jobs.d.ts +0 -8
- package/dist/utils/gitlab.js +4 -1
- package/dist/utils/writeFiles.js +1 -7
- package/dist/variables/VariableValue.d.ts +3 -0
- package/dist/variables/VariableValue.js +5 -0
- package/dist/variables/VariableValueContainingReferences.d.ts +24 -0
- package/dist/variables/VariableValueContainingReferences.js +97 -0
- package/dist/variables/__tests__/resolveAllReferences.test.js +219 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveAllReferencesOnce.test.js +171 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.d.ts +1 -0
- package/dist/variables/__tests__/resolveReferencesOnce.test.js +202 -0
- package/dist/variables/__tests__/variableValue.test.d.ts +1 -0
- package/dist/variables/__tests__/variableValue.test.js +36 -0
- package/dist/variables/resolveAllReferences.d.ts +3 -0
- package/dist/{bash/replaceAsync.js → variables/resolveAllReferences.js} +60 -40
- package/dist/variables/resolveAllReferencesOnce.d.ts +5 -0
- package/dist/variables/resolveAllReferencesOnce.js +191 -0
- package/dist/variables/resolveReferencesOnce.d.ts +8 -0
- package/dist/variables/resolveReferencesOnce.js +22 -0
- package/examples/__snapshots__/cloud-run-http2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-memory-limit.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-meteor-with-worker.test.ts.snap +312 -222
- package/examples/__snapshots__/cloud-run-nextjs.test.ts.snap +1436 -0
- package/examples/__snapshots__/cloud-run-no-cpu-throttling.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-no-service.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-non-public.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-post-stop-job.test.ts.snap +313 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc-connector.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-custom-vpc.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-gen2.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-increase-timout.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-service-with-volumes.test.ts.snap +316 -238
- package/examples/__snapshots__/cloud-run-storybook.test.ts.snap +294 -220
- package/examples/__snapshots__/cloud-run-with-ngnix.test.ts.snap +312 -238
- package/examples/__snapshots__/cloud-run-with-sql-reuse-db.test.ts.snap +652 -486
- package/examples/__snapshots__/cloud-run-with-sql.test.ts.snap +282 -288
- package/examples/__snapshots__/cloud-run-with-worker.test.ts.snap +312 -238
- package/examples/__snapshots__/custom-build-job-with-tests.test.ts.snap +284 -194
- package/examples/__snapshots__/custom-build-job.test.ts.snap +278 -188
- package/examples/__snapshots__/custom-deploy.test.ts.snap +220 -154
- package/examples/__snapshots__/custom-envs.test.ts.snap +216 -126
- package/examples/__snapshots__/custom-sbom-java.test.ts.snap +278 -188
- package/examples/__snapshots__/git-submodule.test.ts.snap +312 -238
- package/examples/__snapshots__/kubernetes-application-customization.test.ts.snap +231 -253
- package/examples/__snapshots__/kubernetes-with-cloud-sql.test.ts.snap +240 -262
- package/examples/__snapshots__/kubernetes-with-jobs.test.ts.snap +504 -506
- package/examples/__snapshots__/kubernetes-with-mongodb.test.ts.snap +239 -261
- package/examples/__snapshots__/local-dot-env.test.ts.snap +236 -238
- package/examples/__snapshots__/meteor-kubernetes.test.ts.snap +236 -242
- package/examples/__snapshots__/multiline-var.test.ts.snap +1355 -973
- package/examples/__snapshots__/native-app.test.ts.snap +438 -392
- package/examples/__snapshots__/node-build-with-custom-image.test.ts.snap +312 -238
- package/examples/__snapshots__/node-build-with-docker-additions.test.ts.snap +312 -238
- package/examples/__snapshots__/rails-k8s-with-worker-dockerfile.test.ts.snap +186 -188
- package/examples/__snapshots__/rails-k8s-with-worker.test.ts.snap +162 -164
- package/examples/__snapshots__/referencing-other-vars.test.ts.snap +971 -765
- package/examples/__snapshots__/wait-for-other-deploy.test.ts.snap +330 -228
- package/examples/__snapshots__/{workspace-api-www-custom-cache.test.ts.snap → workspace-api-www-turbo-cache.test.ts.snap} +457 -499
- package/examples/__snapshots__/workspace-api-www.test.ts.snap +452 -482
- package/examples/{workspace-api-www-custom-cache.test.ts → cloud-run-nextjs.test.ts} +2 -2
- package/examples/cloud-run-nextjs.ts +28 -0
- package/examples/cloud-run-with-sql.ts +0 -1
- package/examples/kubernetes-application-customization.ts +1 -0
- package/examples/kubernetes-with-cloud-sql.ts +1 -0
- package/examples/kubernetes-with-jobs.ts +1 -0
- package/examples/kubernetes-with-mongodb.ts +1 -0
- package/examples/meteor-kubernetes.ts +1 -1
- package/examples/native-app.ts +10 -7
- package/examples/rails-k8s-with-worker.ts +7 -1
- package/examples/{kubernetes-with-cloud-sql-legacy.test.ts → workspace-api-www-turbo-cache.test.ts} +2 -2
- package/examples/{workspace-api-www-custom-cache.ts → workspace-api-www-turbo-cache.ts} +4 -3
- package/examples/workspace-api-www.ts +3 -2
- package/package.json +2 -6
- package/scripts/generate-examples-test.ts +0 -7
- package/src/bash/BashExpression.ts +0 -13
- package/src/bash/bashEscape.ts +158 -0
- package/src/bash/bashYaml.ts +36 -2
- package/src/bash/getInjectVarsScript.ts +11 -2
- package/src/bash/index.ts +2 -0
- package/src/build/base/createAppBuildJob.ts +0 -1
- package/src/build/base/writeDotEnv.ts +6 -6
- package/src/build/custom/testJob.ts +0 -1
- package/src/build/node/buildJob.ts +2 -2
- package/src/build/node/cache.ts +0 -29
- package/src/build/node/testJob.ts +0 -1
- package/src/build/rails/build.ts +0 -1
- package/src/build/rails/test.ts +0 -1
- package/src/build/types.ts +0 -13
- package/src/context/createComponentContext.ts +0 -1
- package/src/context/getEnvConfig.ts +2 -2
- package/src/context/getEnvironment.ts +1 -1
- package/src/context/getEnvironmentContext.ts +1 -1
- package/src/context/getEnvironmentVariables.ts +44 -51
- package/src/deploy/base/deploy.ts +1 -1
- package/src/deploy/cloudRun/createJobs/getCloudRunDeployScripts.ts +4 -12
- package/src/deploy/cloudRun/index.ts +2 -2
- package/src/deploy/kubernetes/cloudSql/index.ts +3 -16
- package/src/deploy/kubernetes/deployJob.ts +0 -2
- package/src/deploy/kubernetes/index.ts +2 -2
- package/src/deploy/kubernetes/kubeEnv.ts +3 -3
- package/src/deploy/kubernetes/kubeValues.ts +5 -8
- package/src/deploy/types/base.ts +0 -6
- package/src/deploy/types/kubernetes.ts +1 -36
- package/src/globalScriptFunctions/index.ts +30 -0
- package/src/index.ts +2 -0
- package/src/pipeline/gitlab/createGitlabJobs.ts +1 -4
- package/src/pipeline/gitlab/createGitlabPipeline.ts +8 -1
- package/src/pipeline/packageManager.ts +7 -5
- package/src/runner/index.ts +0 -1
- package/src/types/config.ts +6 -9
- package/src/types/context.ts +3 -9
- package/src/types/gitlab-types.ts +1 -0
- package/src/types/jobs.ts +0 -8
- package/src/utils/gitlab.ts +19 -2
- package/src/utils/writeFiles.ts +1 -2
- package/src/variables/VariableValue.ts +6 -0
- package/src/variables/VariableValueContainingReferences.ts +89 -0
- package/src/variables/__tests__/resolveAllReferences.test.ts +110 -0
- package/src/variables/__tests__/resolveAllReferencesOnce.test.ts +64 -0
- package/src/variables/__tests__/resolveReferencesOnce.test.ts +117 -0
- package/src/variables/__tests__/variableValue.test.ts +73 -0
- package/src/variables/resolveAllReferences.ts +46 -0
- package/src/variables/resolveAllReferencesOnce.ts +44 -0
- package/src/variables/resolveReferencesOnce.ts +29 -0
- package/bin/catladder-gitlab-dev.js +0 -3
- package/bin/catladder-gitlab.js +0 -3
- package/dist/bash/replaceAsync.d.ts +0 -2
- package/dist/bundles/catladder-gitlab/index.js +0 -15
- package/dist/context/__tests__/resolveReferences.test.js +0 -368
- package/dist/context/resolveReferences.d.ts +0 -6
- package/dist/context/resolveReferences.js +0 -286
- package/dist/deploy/kubernetes/processSecretsAsFiles.d.ts +0 -85
- package/dist/deploy/kubernetes/processSecretsAsFiles.js +0 -33
- package/examples/__snapshots__/kubernetes-with-cloud-sql-legacy.test.ts.snap +0 -1795
- package/examples/kubernetes-with-cloud-sql-legacy.ts +0 -35
- package/scripts/bundle +0 -2
- package/src/bash/replaceAsync.ts +0 -49
- package/src/context/__tests__/resolveReferences.test.ts +0 -148
- package/src/context/resolveReferences.ts +0 -93
- package/src/deploy/kubernetes/processSecretsAsFiles.ts +0 -35
- /package/dist/{context/__tests__/resolveReferences.test.d.ts → variables/__tests__/resolveAllReferences.test.d.ts} +0 -0
|
@@ -45,6 +45,36 @@ variables:
|
|
|
45
45
|
CACHE_COMPRESSION_LEVEL: fast
|
|
46
46
|
TRANSFER_METER_FREQUENCY: 5s
|
|
47
47
|
GIT_DEPTH: '1'
|
|
48
|
+
before_script:
|
|
49
|
+
- |-
|
|
50
|
+
function escapeForDotEnv () {
|
|
51
|
+
input="\${1:-$(cat)}"
|
|
52
|
+
input="\${input//$'\\n'/\\\\n}"
|
|
53
|
+
if [[ "$input" == *\\\\n* ]]; then
|
|
54
|
+
if [[ "$input" == *\\"* && "$input" == *\\'* && "$input" == *\\\`* ]]; then
|
|
55
|
+
printf "\\"%s\\"\\n" "$input"
|
|
56
|
+
elif [[ "$input" == *\\"* && "$input" == *\\'* ]]; then
|
|
57
|
+
printf "\`%s\`\\n" "$input"
|
|
58
|
+
elif [[ "$input" == *\\"* ]]; then
|
|
59
|
+
printf "'%s'\\n" "$input"
|
|
60
|
+
else
|
|
61
|
+
printf "\\"%s\\"\\n" "$input"
|
|
62
|
+
fi
|
|
63
|
+
else
|
|
64
|
+
printf "%s\\n" "$input"
|
|
65
|
+
fi
|
|
66
|
+
}
|
|
67
|
+
- |-
|
|
68
|
+
function collapseable_section_start () {
|
|
69
|
+
local section_title="\${1}"
|
|
70
|
+
local section_description="\${2:-$section_title}"
|
|
71
|
+
echo -e "section_start:\`date +%s\`:\${section_title}[collapsed=true]\\r\\e[0K\${section_description}"
|
|
72
|
+
}
|
|
73
|
+
- |-
|
|
74
|
+
function collapseable_section_end () {
|
|
75
|
+
local section_title="\${1}"
|
|
76
|
+
echo -e "section_end:\`date +%s\`:\${section_title}\\r\\e[0K"
|
|
77
|
+
}
|
|
48
78
|
api 🛡 audit:
|
|
49
79
|
stage: test
|
|
50
80
|
image: path/to/docker/jobs-default:the-version
|
|
@@ -53,9 +83,9 @@ api 🛡 audit:
|
|
|
53
83
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
54
84
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
55
85
|
script:
|
|
56
|
-
-
|
|
86
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
57
87
|
- export APP_PATH="api"
|
|
58
|
-
-
|
|
88
|
+
- collapseable_section_end "injectvars"
|
|
59
89
|
- cd api
|
|
60
90
|
- yarn npm audit --environment production
|
|
61
91
|
rules:
|
|
@@ -79,21 +109,21 @@ api 👮 lint:
|
|
|
79
109
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
80
110
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
81
111
|
script:
|
|
82
|
-
-
|
|
112
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
83
113
|
- export APP_PATH="api"
|
|
84
|
-
-
|
|
85
|
-
-
|
|
114
|
+
- collapseable_section_end "injectvars"
|
|
115
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
86
116
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
87
117
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
88
|
-
-
|
|
118
|
+
- collapseable_section_end "nodeinstall"
|
|
89
119
|
- cd api
|
|
90
|
-
-
|
|
120
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
91
121
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
92
122
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
93
|
-
-
|
|
94
|
-
-
|
|
123
|
+
- collapseable_section_end "nodeinstall"
|
|
124
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
95
125
|
- yarn install --immutable
|
|
96
|
-
-
|
|
126
|
+
- collapseable_section_end "yarninstall"
|
|
97
127
|
- yarn lint
|
|
98
128
|
cache:
|
|
99
129
|
- key: api-yarn
|
|
@@ -120,21 +150,21 @@ api 🧪 test:
|
|
|
120
150
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
121
151
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
122
152
|
script:
|
|
123
|
-
-
|
|
153
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
124
154
|
- export APP_PATH="api"
|
|
125
|
-
-
|
|
126
|
-
-
|
|
155
|
+
- collapseable_section_end "injectvars"
|
|
156
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
127
157
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
128
158
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
129
|
-
-
|
|
159
|
+
- collapseable_section_end "nodeinstall"
|
|
130
160
|
- cd api
|
|
131
|
-
-
|
|
161
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
132
162
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
133
163
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
134
|
-
-
|
|
135
|
-
-
|
|
164
|
+
- collapseable_section_end "nodeinstall"
|
|
165
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
136
166
|
- yarn install --immutable
|
|
137
|
-
-
|
|
167
|
+
- collapseable_section_end "yarninstall"
|
|
138
168
|
- yarn test
|
|
139
169
|
cache:
|
|
140
170
|
- key: api-yarn
|
|
@@ -161,38 +191,37 @@ api 🧪 test:
|
|
|
161
191
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
162
192
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
163
193
|
script:
|
|
164
|
-
-
|
|
194
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
165
195
|
- export ENV_SHORT="dev"
|
|
166
196
|
- export APP_DIR="api"
|
|
167
197
|
- export ENV_TYPE="dev"
|
|
168
198
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
169
199
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
170
200
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
171
|
-
- export
|
|
201
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
172
202
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
173
|
-
- export
|
|
174
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
203
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
175
204
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
176
205
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
177
206
|
- export KUBE_APP_NAME="api"
|
|
178
207
|
- export KUBE_APP_NAME_PREFIX=""
|
|
179
208
|
- export POSTGRESQL_PASSWORD="$CL_dev_api_POSTGRESQL_PASSWORD"
|
|
180
209
|
- export cloudsqlProxyCredentials="$CL_dev_api_cloudsqlProxyCredentials"
|
|
181
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
182
|
-
-
|
|
210
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
211
|
+
- collapseable_section_end "injectvars"
|
|
183
212
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
184
|
-
-
|
|
213
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
185
214
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
186
215
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
187
|
-
-
|
|
216
|
+
- collapseable_section_end "nodeinstall"
|
|
188
217
|
- cd api
|
|
189
|
-
-
|
|
218
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
190
219
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
191
220
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
192
|
-
-
|
|
193
|
-
-
|
|
221
|
+
- collapseable_section_end "nodeinstall"
|
|
222
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
194
223
|
- yarn install --immutable
|
|
195
|
-
-
|
|
224
|
+
- collapseable_section_end "yarninstall"
|
|
196
225
|
- yarn build
|
|
197
226
|
cache:
|
|
198
227
|
- key: api-yarn
|
|
@@ -203,10 +232,6 @@ api 🧪 test:
|
|
|
203
232
|
policy: pull-push
|
|
204
233
|
paths:
|
|
205
234
|
- api/node_modules
|
|
206
|
-
- key: api-next-cache
|
|
207
|
-
policy: pull-push
|
|
208
|
-
paths:
|
|
209
|
-
- api/.next/cache
|
|
210
235
|
artifacts:
|
|
211
236
|
paths:
|
|
212
237
|
- api/__build_info.json
|
|
@@ -239,7 +264,7 @@ api 🧪 test:
|
|
|
239
264
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
240
265
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
241
266
|
script:
|
|
242
|
-
-
|
|
267
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
243
268
|
- export APP_DIR="api"
|
|
244
269
|
- export DOCKER_BUILD_CONTEXT="."
|
|
245
270
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -256,19 +281,19 @@ api 🧪 test:
|
|
|
256
281
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
257
282
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
258
283
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
259
|
-
-
|
|
284
|
+
- collapseable_section_end "injectvars"
|
|
260
285
|
- ensureNodeDockerfile
|
|
261
|
-
-
|
|
286
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
262
287
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
263
|
-
-
|
|
264
|
-
-
|
|
288
|
+
- collapseable_section_end "docker-login"
|
|
289
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
265
290
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
266
|
-
-
|
|
267
|
-
-
|
|
291
|
+
- collapseable_section_end "docker-build"
|
|
292
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
268
293
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
269
294
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
270
295
|
- docker push $DOCKER_CACHE_IMAGE
|
|
271
|
-
-
|
|
296
|
+
- collapseable_section_end "docker-push"
|
|
272
297
|
cache:
|
|
273
298
|
- key: api-yarn
|
|
274
299
|
policy: pull
|
|
@@ -287,8 +312,8 @@ api 🧪 test:
|
|
|
287
312
|
image: aquasec/trivy:0.38.3
|
|
288
313
|
variables: {}
|
|
289
314
|
script:
|
|
290
|
-
-
|
|
291
|
-
-
|
|
315
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
316
|
+
- collapseable_section_end "injectvars"
|
|
292
317
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
293
318
|
artifacts:
|
|
294
319
|
paths:
|
|
@@ -309,24 +334,23 @@ api 🧪 test:
|
|
|
309
334
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
310
335
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
311
336
|
script:
|
|
312
|
-
-
|
|
337
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
313
338
|
- export ENV_SHORT="dev"
|
|
314
339
|
- export APP_DIR="api"
|
|
315
340
|
- export ENV_TYPE="dev"
|
|
316
341
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
317
342
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
318
343
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
319
|
-
- export
|
|
344
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
320
345
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
321
|
-
- export
|
|
322
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
346
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
323
347
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
324
348
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
325
349
|
- export KUBE_APP_NAME="api"
|
|
326
350
|
- export KUBE_APP_NAME_PREFIX=""
|
|
327
351
|
- export POSTGRESQL_PASSWORD="$CL_dev_api_POSTGRESQL_PASSWORD"
|
|
328
352
|
- export cloudsqlProxyCredentials="$CL_dev_api_cloudsqlProxyCredentials"
|
|
329
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
353
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
330
354
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
331
355
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
332
356
|
- export DOCKER_IMAGE_NAME="dev/api"
|
|
@@ -338,21 +362,20 @@ api 🧪 test:
|
|
|
338
362
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
339
363
|
- export HELM_ARGS=""
|
|
340
364
|
- export COMPONENT_NAME="api"
|
|
341
|
-
-
|
|
342
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
365
|
+
- collapseable_section_end "injectvars"
|
|
343
366
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
344
367
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
345
368
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
346
369
|
- kubectl config use-context "kube-pan-test-app-dev-api"
|
|
347
|
-
-
|
|
370
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
348
371
|
- |
|
|
349
372
|
cat > __all_values.yml <<EOF
|
|
350
373
|
env:
|
|
351
374
|
secret:
|
|
352
375
|
POSTGRESQL_PASSWORD: |-
|
|
353
|
-
|
|
376
|
+
$(printf %s "$CL_dev_api_POSTGRESQL_PASSWORD" | sed '1!s/^/ /')
|
|
354
377
|
cloudsqlProxyCredentials: |-
|
|
355
|
-
|
|
378
|
+
$(printf %s "$CL_dev_api_cloudsqlProxyCredentials" | sed '1!s/^/ /')
|
|
356
379
|
public:
|
|
357
380
|
ENV_SHORT: |-
|
|
358
381
|
dev
|
|
@@ -361,18 +384,16 @@ api 🧪 test:
|
|
|
361
384
|
ENV_TYPE: |-
|
|
362
385
|
dev
|
|
363
386
|
BUILD_INFO_BUILD_ID: |-
|
|
364
|
-
|
|
387
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
365
388
|
BUILD_INFO_BUILD_TIME: |-
|
|
366
|
-
|
|
389
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
367
390
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
368
|
-
|
|
369
|
-
|
|
391
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
392
|
+
HOSTNAME: |-
|
|
370
393
|
api.dev.test-app.pan.panter.cloud
|
|
371
394
|
ROOT_URL: |-
|
|
372
395
|
https://api.dev.test-app.pan.panter.cloud
|
|
373
|
-
|
|
374
|
-
api.dev.test-app.pan.panter.cloud
|
|
375
|
-
HOST_CANONICAL: |-
|
|
396
|
+
HOSTNAME_INTERNAL: |-
|
|
376
397
|
api.dev.test-app.pan.panter.cloud
|
|
377
398
|
ROOT_URL_INTERNAL: |-
|
|
378
399
|
https://api.dev.test-app.pan.panter.cloud
|
|
@@ -382,7 +403,7 @@ api 🧪 test:
|
|
|
382
403
|
api
|
|
383
404
|
KUBE_APP_NAME_PREFIX: ""
|
|
384
405
|
_ALL_ENV_VAR_KEYS: |-
|
|
385
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
406
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","POSTGRESQL_PASSWORD","cloudsqlProxyCredentials"]
|
|
386
407
|
application:
|
|
387
408
|
host: |-
|
|
388
409
|
api.dev.test-app.pan.panter.cloud
|
|
@@ -414,7 +435,7 @@ api 🧪 test:
|
|
|
414
435
|
unmanaged
|
|
415
436
|
|
|
416
437
|
EOF
|
|
417
|
-
-
|
|
438
|
+
- collapseable_section_end "writeallvalues"
|
|
418
439
|
- kubernetesCreateSecret
|
|
419
440
|
- kubernetesDeploy
|
|
420
441
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -459,32 +480,30 @@ api 🧪 test:
|
|
|
459
480
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
460
481
|
GIT_STRATEGY: none
|
|
461
482
|
script:
|
|
462
|
-
-
|
|
483
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
463
484
|
- export ENV_SHORT="dev"
|
|
464
485
|
- export APP_DIR="api"
|
|
465
486
|
- export ENV_TYPE="dev"
|
|
466
487
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
467
488
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
468
489
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
469
|
-
- export
|
|
490
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
470
491
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
471
|
-
- export
|
|
472
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
492
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
473
493
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
474
494
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
475
495
|
- export KUBE_APP_NAME="api"
|
|
476
496
|
- export KUBE_APP_NAME_PREFIX=""
|
|
477
497
|
- export POSTGRESQL_PASSWORD="$CL_dev_api_POSTGRESQL_PASSWORD"
|
|
478
498
|
- export cloudsqlProxyCredentials="$CL_dev_api_cloudsqlProxyCredentials"
|
|
479
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
499
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
480
500
|
- export RELEASE_NAME="pan-test-app-dev-api"
|
|
481
501
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
482
502
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
483
503
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
484
504
|
- export HELM_ARGS=""
|
|
485
505
|
- export COMPONENT_NAME="api"
|
|
486
|
-
-
|
|
487
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
506
|
+
- collapseable_section_end "injectvars"
|
|
488
507
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
489
508
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
490
509
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
@@ -520,32 +539,30 @@ api 🧪 test:
|
|
|
520
539
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
521
540
|
GIT_STRATEGY: none
|
|
522
541
|
script:
|
|
523
|
-
-
|
|
542
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
524
543
|
- export ENV_SHORT="dev"
|
|
525
544
|
- export APP_DIR="api"
|
|
526
545
|
- export ENV_TYPE="dev"
|
|
527
546
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
528
547
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
529
548
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
530
|
-
- export
|
|
549
|
+
- export HOSTNAME="api.dev.test-app.pan.panter.cloud"
|
|
531
550
|
- export ROOT_URL="https://api.dev.test-app.pan.panter.cloud"
|
|
532
|
-
- export
|
|
533
|
-
- export HOST_CANONICAL="api.dev.test-app.pan.panter.cloud"
|
|
551
|
+
- export HOSTNAME_INTERNAL="api.dev.test-app.pan.panter.cloud"
|
|
534
552
|
- export ROOT_URL_INTERNAL="https://api.dev.test-app.pan.panter.cloud"
|
|
535
553
|
- export KUBE_NAMESPACE="pan-test-app-dev"
|
|
536
554
|
- export KUBE_APP_NAME="api"
|
|
537
555
|
- export KUBE_APP_NAME_PREFIX=""
|
|
538
556
|
- export POSTGRESQL_PASSWORD="$CL_dev_api_POSTGRESQL_PASSWORD"
|
|
539
557
|
- export cloudsqlProxyCredentials="$CL_dev_api_cloudsqlProxyCredentials"
|
|
540
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
558
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
541
559
|
- export RELEASE_NAME="pan-test-app-dev-api"
|
|
542
560
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
543
561
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
544
562
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
545
563
|
- export HELM_ARGS=""
|
|
546
564
|
- export COMPONENT_NAME="api"
|
|
547
|
-
-
|
|
548
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
565
|
+
- collapseable_section_end "injectvars"
|
|
549
566
|
- kubectl config set-cluster "kube-pan-test-app-dev-api" --server="$CL_dev_api_KUBE_URL" --certificate-authority <(echo $CL_dev_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
550
567
|
- kubectl config set-credentials "kube-pan-test-app-dev-api" --token="$CL_dev_api_KUBE_TOKEN"
|
|
551
568
|
- kubectl config set-context "kube-pan-test-app-dev-api" --cluster="kube-pan-test-app-dev-api" --user="kube-pan-test-app-dev-api" --namespace="pan-test-app-dev"
|
|
@@ -576,38 +593,37 @@ api 🧪 test:
|
|
|
576
593
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
577
594
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
578
595
|
script:
|
|
579
|
-
-
|
|
596
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
580
597
|
- export ENV_SHORT="review"
|
|
581
598
|
- export APP_DIR="api"
|
|
582
599
|
- export ENV_TYPE="review"
|
|
583
600
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
584
601
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
585
602
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
586
|
-
- export
|
|
603
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
587
604
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
588
|
-
- export
|
|
589
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
605
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
590
606
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
591
607
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
592
608
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
593
609
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
594
610
|
- export POSTGRESQL_PASSWORD="$CL_review_api_POSTGRESQL_PASSWORD"
|
|
595
611
|
- export cloudsqlProxyCredentials="$CL_review_api_cloudsqlProxyCredentials"
|
|
596
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
597
|
-
-
|
|
612
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
613
|
+
- collapseable_section_end "injectvars"
|
|
598
614
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
599
|
-
-
|
|
615
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
600
616
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
601
617
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
602
|
-
-
|
|
618
|
+
- collapseable_section_end "nodeinstall"
|
|
603
619
|
- cd api
|
|
604
|
-
-
|
|
620
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
605
621
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
606
622
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
607
|
-
-
|
|
608
|
-
-
|
|
623
|
+
- collapseable_section_end "nodeinstall"
|
|
624
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
609
625
|
- yarn install --immutable
|
|
610
|
-
-
|
|
626
|
+
- collapseable_section_end "yarninstall"
|
|
611
627
|
- yarn build
|
|
612
628
|
cache:
|
|
613
629
|
- key: api-yarn
|
|
@@ -618,10 +634,6 @@ api 🧪 test:
|
|
|
618
634
|
policy: pull-push
|
|
619
635
|
paths:
|
|
620
636
|
- api/node_modules
|
|
621
|
-
- key: api-next-cache
|
|
622
|
-
policy: pull-push
|
|
623
|
-
paths:
|
|
624
|
-
- api/.next/cache
|
|
625
637
|
artifacts:
|
|
626
638
|
paths:
|
|
627
639
|
- api/__build_info.json
|
|
@@ -652,7 +664,7 @@ api 🧪 test:
|
|
|
652
664
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
653
665
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
654
666
|
script:
|
|
655
|
-
-
|
|
667
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
656
668
|
- export APP_DIR="api"
|
|
657
669
|
- export DOCKER_BUILD_CONTEXT="."
|
|
658
670
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -669,19 +681,19 @@ api 🧪 test:
|
|
|
669
681
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
670
682
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
671
683
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
672
|
-
-
|
|
684
|
+
- collapseable_section_end "injectvars"
|
|
673
685
|
- ensureNodeDockerfile
|
|
674
|
-
-
|
|
686
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
675
687
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
676
|
-
-
|
|
677
|
-
-
|
|
688
|
+
- collapseable_section_end "docker-login"
|
|
689
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
678
690
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
679
|
-
-
|
|
680
|
-
-
|
|
691
|
+
- collapseable_section_end "docker-build"
|
|
692
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
681
693
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
682
694
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
683
695
|
- docker push $DOCKER_CACHE_IMAGE
|
|
684
|
-
-
|
|
696
|
+
- collapseable_section_end "docker-push"
|
|
685
697
|
cache:
|
|
686
698
|
- key: api-yarn
|
|
687
699
|
policy: pull
|
|
@@ -698,8 +710,8 @@ api 🧪 test:
|
|
|
698
710
|
image: aquasec/trivy:0.38.3
|
|
699
711
|
variables: {}
|
|
700
712
|
script:
|
|
701
|
-
-
|
|
702
|
-
-
|
|
713
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
714
|
+
- collapseable_section_end "injectvars"
|
|
703
715
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
704
716
|
artifacts:
|
|
705
717
|
paths:
|
|
@@ -718,24 +730,23 @@ api 🧪 test:
|
|
|
718
730
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
719
731
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
720
732
|
script:
|
|
721
|
-
-
|
|
733
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
722
734
|
- export ENV_SHORT="review"
|
|
723
735
|
- export APP_DIR="api"
|
|
724
736
|
- export ENV_TYPE="review"
|
|
725
737
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
726
738
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
727
739
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
728
|
-
- export
|
|
740
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
729
741
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
730
|
-
- export
|
|
731
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
742
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
732
743
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
733
744
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
734
745
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
735
746
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
736
747
|
- export POSTGRESQL_PASSWORD="$CL_review_api_POSTGRESQL_PASSWORD"
|
|
737
748
|
- export cloudsqlProxyCredentials="$CL_review_api_cloudsqlProxyCredentials"
|
|
738
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
749
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
739
750
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
740
751
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
741
752
|
- export DOCKER_IMAGE_NAME="review/api"
|
|
@@ -747,21 +758,20 @@ api 🧪 test:
|
|
|
747
758
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
748
759
|
- export HELM_ARGS=""
|
|
749
760
|
- export COMPONENT_NAME="api"
|
|
750
|
-
-
|
|
751
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
761
|
+
- collapseable_section_end "injectvars"
|
|
752
762
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
753
763
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
754
764
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
755
765
|
- kubectl config use-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
756
|
-
-
|
|
766
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
757
767
|
- |
|
|
758
768
|
cat > __all_values.yml <<EOF
|
|
759
769
|
env:
|
|
760
770
|
secret:
|
|
761
771
|
POSTGRESQL_PASSWORD: |-
|
|
762
|
-
|
|
772
|
+
$(printf %s "$CL_review_api_POSTGRESQL_PASSWORD" | sed '1!s/^/ /')
|
|
763
773
|
cloudsqlProxyCredentials: |-
|
|
764
|
-
|
|
774
|
+
$(printf %s "$CL_review_api_cloudsqlProxyCredentials" | sed '1!s/^/ /')
|
|
765
775
|
public:
|
|
766
776
|
ENV_SHORT: |-
|
|
767
777
|
review
|
|
@@ -770,32 +780,30 @@ api 🧪 test:
|
|
|
770
780
|
ENV_TYPE: |-
|
|
771
781
|
review
|
|
772
782
|
BUILD_INFO_BUILD_ID: |-
|
|
773
|
-
|
|
783
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
774
784
|
BUILD_INFO_BUILD_TIME: |-
|
|
775
|
-
|
|
785
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
776
786
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
|
|
787
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
788
|
+
HOSTNAME: |-
|
|
789
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
780
790
|
ROOT_URL: |-
|
|
781
|
-
|
|
782
|
-
|
|
783
|
-
|
|
784
|
-
HOST_CANONICAL: |-
|
|
785
|
-
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed 's/^/ /')
|
|
791
|
+
$(printf %s "https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
792
|
+
HOSTNAME_INTERNAL: |-
|
|
793
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
786
794
|
ROOT_URL_INTERNAL: |-
|
|
787
|
-
|
|
795
|
+
$(printf %s "https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
788
796
|
KUBE_NAMESPACE: |-
|
|
789
797
|
pan-test-app-review
|
|
790
798
|
KUBE_APP_NAME: |-
|
|
791
|
-
|
|
799
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed '1!s/^/ /')
|
|
792
800
|
KUBE_APP_NAME_PREFIX: |-
|
|
793
|
-
|
|
801
|
+
$(printf %s "$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-" | sed '1!s/^/ /')
|
|
794
802
|
_ALL_ENV_VAR_KEYS: |-
|
|
795
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
803
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","POSTGRESQL_PASSWORD","cloudsqlProxyCredentials"]
|
|
796
804
|
application:
|
|
797
805
|
host: |-
|
|
798
|
-
|
|
806
|
+
$(printf %s "api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud" | sed '1!s/^/ /')
|
|
799
807
|
command: |-
|
|
800
808
|
yarn start
|
|
801
809
|
livenessProbe:
|
|
@@ -819,12 +827,12 @@ api 🧪 test:
|
|
|
819
827
|
proxyCredentials: |-
|
|
820
828
|
$CL_review_api_cloudsqlProxyCredentials
|
|
821
829
|
fullDbName: |-
|
|
822
|
-
|
|
830
|
+
$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" | sed '1!s/^/ /')
|
|
823
831
|
type: |-
|
|
824
832
|
unmanaged
|
|
825
833
|
|
|
826
834
|
EOF
|
|
827
|
-
-
|
|
835
|
+
- collapseable_section_end "writeallvalues"
|
|
828
836
|
- kubernetesCreateSecret
|
|
829
837
|
- kubernetesDeploy
|
|
830
838
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -867,32 +875,30 @@ api 🧪 test:
|
|
|
867
875
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
868
876
|
GIT_STRATEGY: none
|
|
869
877
|
script:
|
|
870
|
-
-
|
|
878
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
871
879
|
- export ENV_SHORT="review"
|
|
872
880
|
- export APP_DIR="api"
|
|
873
881
|
- export ENV_TYPE="review"
|
|
874
882
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
875
883
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
876
884
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
877
|
-
- export
|
|
885
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
878
886
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
879
|
-
- export
|
|
880
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
887
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
881
888
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
882
889
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
883
890
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
884
891
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
885
892
|
- export POSTGRESQL_PASSWORD="$CL_review_api_POSTGRESQL_PASSWORD"
|
|
886
893
|
- export cloudsqlProxyCredentials="$CL_review_api_cloudsqlProxyCredentials"
|
|
887
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
894
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
888
895
|
- export RELEASE_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
889
896
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
890
897
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
891
898
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
892
899
|
- export HELM_ARGS=""
|
|
893
900
|
- export COMPONENT_NAME="api"
|
|
894
|
-
-
|
|
895
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
901
|
+
- collapseable_section_end "injectvars"
|
|
896
902
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
897
903
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
898
904
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
@@ -926,32 +932,30 @@ api 🧪 test:
|
|
|
926
932
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
927
933
|
GIT_STRATEGY: none
|
|
928
934
|
script:
|
|
929
|
-
-
|
|
935
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
930
936
|
- export ENV_SHORT="review"
|
|
931
937
|
- export APP_DIR="api"
|
|
932
938
|
- export ENV_TYPE="review"
|
|
933
939
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
934
940
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
935
941
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
936
|
-
- export
|
|
942
|
+
- export HOSTNAME="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
937
943
|
- export ROOT_URL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
938
|
-
- export
|
|
939
|
-
- export HOST_CANONICAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
944
|
+
- export HOSTNAME_INTERNAL="api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
940
945
|
- export ROOT_URL_INTERNAL="https://api.$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }).review.test-app.pan.panter.cloud"
|
|
941
946
|
- export KUBE_NAMESPACE="pan-test-app-review"
|
|
942
947
|
- export KUBE_APP_NAME="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
943
948
|
- export KUBE_APP_NAME_PREFIX="$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-"
|
|
944
949
|
- export POSTGRESQL_PASSWORD="$CL_review_api_POSTGRESQL_PASSWORD"
|
|
945
950
|
- export cloudsqlProxyCredentials="$CL_review_api_cloudsqlProxyCredentials"
|
|
946
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
951
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
947
952
|
- export RELEASE_NAME="pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api"
|
|
948
953
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
949
954
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
950
955
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
951
956
|
- export HELM_ARGS=""
|
|
952
957
|
- export COMPONENT_NAME="api"
|
|
953
|
-
-
|
|
954
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
958
|
+
- collapseable_section_end "injectvars"
|
|
955
959
|
- kubectl config set-cluster "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --server="$CL_review_api_KUBE_URL" --certificate-authority <(echo $CL_review_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
956
960
|
- kubectl config set-credentials "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --token="$CL_review_api_KUBE_TOKEN"
|
|
957
961
|
- kubectl config set-context "kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --cluster="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --user="kube-pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-api" --namespace="pan-test-app-review"
|
|
@@ -980,38 +984,37 @@ api 🧪 test:
|
|
|
980
984
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
981
985
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
982
986
|
script:
|
|
983
|
-
-
|
|
987
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
984
988
|
- export ENV_SHORT="stage"
|
|
985
989
|
- export APP_DIR="api"
|
|
986
990
|
- export ENV_TYPE="stage"
|
|
987
991
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
988
992
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
989
993
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
990
|
-
- export
|
|
994
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
991
995
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
992
|
-
- export
|
|
993
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
996
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
994
997
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
995
998
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
996
999
|
- export KUBE_APP_NAME="api"
|
|
997
1000
|
- export KUBE_APP_NAME_PREFIX=""
|
|
998
1001
|
- export POSTGRESQL_PASSWORD="$CL_stage_api_POSTGRESQL_PASSWORD"
|
|
999
1002
|
- export cloudsqlProxyCredentials="$CL_stage_api_cloudsqlProxyCredentials"
|
|
1000
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1001
|
-
-
|
|
1003
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1004
|
+
- collapseable_section_end "injectvars"
|
|
1002
1005
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
1003
|
-
-
|
|
1006
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1004
1007
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1005
1008
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1006
|
-
-
|
|
1009
|
+
- collapseable_section_end "nodeinstall"
|
|
1007
1010
|
- cd api
|
|
1008
|
-
-
|
|
1011
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1009
1012
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1010
1013
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1011
|
-
-
|
|
1012
|
-
-
|
|
1014
|
+
- collapseable_section_end "nodeinstall"
|
|
1015
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1013
1016
|
- yarn install --immutable
|
|
1014
|
-
-
|
|
1017
|
+
- collapseable_section_end "yarninstall"
|
|
1015
1018
|
- yarn build
|
|
1016
1019
|
cache:
|
|
1017
1020
|
- key: api-yarn
|
|
@@ -1022,10 +1025,6 @@ api 🧪 test:
|
|
|
1022
1025
|
policy: pull-push
|
|
1023
1026
|
paths:
|
|
1024
1027
|
- api/node_modules
|
|
1025
|
-
- key: api-next-cache
|
|
1026
|
-
policy: pull-push
|
|
1027
|
-
paths:
|
|
1028
|
-
- api/.next/cache
|
|
1029
1028
|
artifacts:
|
|
1030
1029
|
paths:
|
|
1031
1030
|
- api/__build_info.json
|
|
@@ -1056,7 +1055,7 @@ api 🧪 test:
|
|
|
1056
1055
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1057
1056
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1058
1057
|
script:
|
|
1059
|
-
-
|
|
1058
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1060
1059
|
- export APP_DIR="api"
|
|
1061
1060
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1062
1061
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1073,19 +1072,19 @@ api 🧪 test:
|
|
|
1073
1072
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1074
1073
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1075
1074
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1076
|
-
-
|
|
1075
|
+
- collapseable_section_end "injectvars"
|
|
1077
1076
|
- ensureNodeDockerfile
|
|
1078
|
-
-
|
|
1077
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1079
1078
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1080
|
-
-
|
|
1081
|
-
-
|
|
1079
|
+
- collapseable_section_end "docker-login"
|
|
1080
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1082
1081
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1083
|
-
-
|
|
1084
|
-
-
|
|
1082
|
+
- collapseable_section_end "docker-build"
|
|
1083
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1085
1084
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1086
1085
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1087
1086
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1088
|
-
-
|
|
1087
|
+
- collapseable_section_end "docker-push"
|
|
1089
1088
|
cache:
|
|
1090
1089
|
- key: api-yarn
|
|
1091
1090
|
policy: pull
|
|
@@ -1102,8 +1101,8 @@ api 🧪 test:
|
|
|
1102
1101
|
image: aquasec/trivy:0.38.3
|
|
1103
1102
|
variables: {}
|
|
1104
1103
|
script:
|
|
1105
|
-
-
|
|
1106
|
-
-
|
|
1104
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1105
|
+
- collapseable_section_end "injectvars"
|
|
1107
1106
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1108
1107
|
artifacts:
|
|
1109
1108
|
paths:
|
|
@@ -1122,24 +1121,23 @@ api 🧪 test:
|
|
|
1122
1121
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1123
1122
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1124
1123
|
script:
|
|
1125
|
-
-
|
|
1124
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1126
1125
|
- export ENV_SHORT="stage"
|
|
1127
1126
|
- export APP_DIR="api"
|
|
1128
1127
|
- export ENV_TYPE="stage"
|
|
1129
1128
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1130
1129
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1131
1130
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1132
|
-
- export
|
|
1131
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1133
1132
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1134
|
-
- export
|
|
1135
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1133
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1136
1134
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1137
1135
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1138
1136
|
- export KUBE_APP_NAME="api"
|
|
1139
1137
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1140
1138
|
- export POSTGRESQL_PASSWORD="$CL_stage_api_POSTGRESQL_PASSWORD"
|
|
1141
1139
|
- export cloudsqlProxyCredentials="$CL_stage_api_cloudsqlProxyCredentials"
|
|
1142
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1140
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1143
1141
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1144
1142
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
1145
1143
|
- export DOCKER_IMAGE_NAME="stage/api"
|
|
@@ -1151,21 +1149,20 @@ api 🧪 test:
|
|
|
1151
1149
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1152
1150
|
- export HELM_ARGS=""
|
|
1153
1151
|
- export COMPONENT_NAME="api"
|
|
1154
|
-
-
|
|
1155
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1152
|
+
- collapseable_section_end "injectvars"
|
|
1156
1153
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1157
1154
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1158
1155
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
1159
1156
|
- kubectl config use-context "kube-pan-test-app-stage-api"
|
|
1160
|
-
-
|
|
1157
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1161
1158
|
- |
|
|
1162
1159
|
cat > __all_values.yml <<EOF
|
|
1163
1160
|
env:
|
|
1164
1161
|
secret:
|
|
1165
1162
|
POSTGRESQL_PASSWORD: |-
|
|
1166
|
-
|
|
1163
|
+
$(printf %s "$CL_stage_api_POSTGRESQL_PASSWORD" | sed '1!s/^/ /')
|
|
1167
1164
|
cloudsqlProxyCredentials: |-
|
|
1168
|
-
|
|
1165
|
+
$(printf %s "$CL_stage_api_cloudsqlProxyCredentials" | sed '1!s/^/ /')
|
|
1169
1166
|
public:
|
|
1170
1167
|
ENV_SHORT: |-
|
|
1171
1168
|
stage
|
|
@@ -1174,18 +1171,16 @@ api 🧪 test:
|
|
|
1174
1171
|
ENV_TYPE: |-
|
|
1175
1172
|
stage
|
|
1176
1173
|
BUILD_INFO_BUILD_ID: |-
|
|
1177
|
-
|
|
1174
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1178
1175
|
BUILD_INFO_BUILD_TIME: |-
|
|
1179
|
-
|
|
1176
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1180
1177
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1181
|
-
|
|
1182
|
-
|
|
1178
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1179
|
+
HOSTNAME: |-
|
|
1183
1180
|
api.stage.test-app.pan.panter.cloud
|
|
1184
1181
|
ROOT_URL: |-
|
|
1185
1182
|
https://api.stage.test-app.pan.panter.cloud
|
|
1186
|
-
|
|
1187
|
-
api.stage.test-app.pan.panter.cloud
|
|
1188
|
-
HOST_CANONICAL: |-
|
|
1183
|
+
HOSTNAME_INTERNAL: |-
|
|
1189
1184
|
api.stage.test-app.pan.panter.cloud
|
|
1190
1185
|
ROOT_URL_INTERNAL: |-
|
|
1191
1186
|
https://api.stage.test-app.pan.panter.cloud
|
|
@@ -1195,7 +1190,7 @@ api 🧪 test:
|
|
|
1195
1190
|
api
|
|
1196
1191
|
KUBE_APP_NAME_PREFIX: ""
|
|
1197
1192
|
_ALL_ENV_VAR_KEYS: |-
|
|
1198
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1193
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","POSTGRESQL_PASSWORD","cloudsqlProxyCredentials"]
|
|
1199
1194
|
application:
|
|
1200
1195
|
host: |-
|
|
1201
1196
|
api.stage.test-app.pan.panter.cloud
|
|
@@ -1227,7 +1222,7 @@ api 🧪 test:
|
|
|
1227
1222
|
unmanaged
|
|
1228
1223
|
|
|
1229
1224
|
EOF
|
|
1230
|
-
-
|
|
1225
|
+
- collapseable_section_end "writeallvalues"
|
|
1231
1226
|
- kubernetesCreateSecret
|
|
1232
1227
|
- kubernetesDeploy
|
|
1233
1228
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1263,32 +1258,30 @@ api 🧪 test:
|
|
|
1263
1258
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1264
1259
|
GIT_STRATEGY: none
|
|
1265
1260
|
script:
|
|
1266
|
-
-
|
|
1261
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1267
1262
|
- export ENV_SHORT="stage"
|
|
1268
1263
|
- export APP_DIR="api"
|
|
1269
1264
|
- export ENV_TYPE="stage"
|
|
1270
1265
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1271
1266
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1272
1267
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1273
|
-
- export
|
|
1268
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1274
1269
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1275
|
-
- export
|
|
1276
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1270
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1277
1271
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1278
1272
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1279
1273
|
- export KUBE_APP_NAME="api"
|
|
1280
1274
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1281
1275
|
- export POSTGRESQL_PASSWORD="$CL_stage_api_POSTGRESQL_PASSWORD"
|
|
1282
1276
|
- export cloudsqlProxyCredentials="$CL_stage_api_cloudsqlProxyCredentials"
|
|
1283
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1277
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1284
1278
|
- export RELEASE_NAME="pan-test-app-stage-api"
|
|
1285
1279
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1286
1280
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1287
1281
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1288
1282
|
- export HELM_ARGS=""
|
|
1289
1283
|
- export COMPONENT_NAME="api"
|
|
1290
|
-
-
|
|
1291
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1284
|
+
- collapseable_section_end "injectvars"
|
|
1292
1285
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1293
1286
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1294
1287
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
@@ -1322,32 +1315,30 @@ api 🧪 test:
|
|
|
1322
1315
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1323
1316
|
GIT_STRATEGY: none
|
|
1324
1317
|
script:
|
|
1325
|
-
-
|
|
1318
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1326
1319
|
- export ENV_SHORT="stage"
|
|
1327
1320
|
- export APP_DIR="api"
|
|
1328
1321
|
- export ENV_TYPE="stage"
|
|
1329
1322
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1330
1323
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1331
1324
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1332
|
-
- export
|
|
1325
|
+
- export HOSTNAME="api.stage.test-app.pan.panter.cloud"
|
|
1333
1326
|
- export ROOT_URL="https://api.stage.test-app.pan.panter.cloud"
|
|
1334
|
-
- export
|
|
1335
|
-
- export HOST_CANONICAL="api.stage.test-app.pan.panter.cloud"
|
|
1327
|
+
- export HOSTNAME_INTERNAL="api.stage.test-app.pan.panter.cloud"
|
|
1336
1328
|
- export ROOT_URL_INTERNAL="https://api.stage.test-app.pan.panter.cloud"
|
|
1337
1329
|
- export KUBE_NAMESPACE="pan-test-app-stage"
|
|
1338
1330
|
- export KUBE_APP_NAME="api"
|
|
1339
1331
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1340
1332
|
- export POSTGRESQL_PASSWORD="$CL_stage_api_POSTGRESQL_PASSWORD"
|
|
1341
1333
|
- export cloudsqlProxyCredentials="$CL_stage_api_cloudsqlProxyCredentials"
|
|
1342
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1334
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1343
1335
|
- export RELEASE_NAME="pan-test-app-stage-api"
|
|
1344
1336
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1345
1337
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1346
1338
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1347
1339
|
- export HELM_ARGS=""
|
|
1348
1340
|
- export COMPONENT_NAME="api"
|
|
1349
|
-
-
|
|
1350
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1341
|
+
- collapseable_section_end "injectvars"
|
|
1351
1342
|
- kubectl config set-cluster "kube-pan-test-app-stage-api" --server="$CL_stage_api_KUBE_URL" --certificate-authority <(echo $CL_stage_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1352
1343
|
- kubectl config set-credentials "kube-pan-test-app-stage-api" --token="$CL_stage_api_KUBE_TOKEN"
|
|
1353
1344
|
- kubectl config set-context "kube-pan-test-app-stage-api" --cluster="kube-pan-test-app-stage-api" --user="kube-pan-test-app-stage-api" --namespace="pan-test-app-stage"
|
|
@@ -1376,38 +1367,37 @@ api 🧪 test:
|
|
|
1376
1367
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1377
1368
|
KUBERNETES_MEMORY_LIMIT: 4Gi
|
|
1378
1369
|
script:
|
|
1379
|
-
-
|
|
1370
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1380
1371
|
- export ENV_SHORT="prod"
|
|
1381
1372
|
- export APP_DIR="api"
|
|
1382
1373
|
- export ENV_TYPE="prod"
|
|
1383
1374
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1384
1375
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1385
1376
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1386
|
-
- export
|
|
1377
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1387
1378
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1388
|
-
- export
|
|
1389
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1379
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1390
1380
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1391
1381
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1392
1382
|
- export KUBE_APP_NAME="api"
|
|
1393
1383
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1394
1384
|
- export POSTGRESQL_PASSWORD="$CL_prod_api_POSTGRESQL_PASSWORD"
|
|
1395
1385
|
- export cloudsqlProxyCredentials="$CL_prod_api_cloudsqlProxyCredentials"
|
|
1396
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1397
|
-
-
|
|
1386
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1387
|
+
- collapseable_section_end "injectvars"
|
|
1398
1388
|
- echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > api/__build_info.json
|
|
1399
|
-
-
|
|
1389
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1400
1390
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1401
1391
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1402
|
-
-
|
|
1392
|
+
- collapseable_section_end "nodeinstall"
|
|
1403
1393
|
- cd api
|
|
1404
|
-
-
|
|
1394
|
+
- collapseable_section_start "nodeinstall" "Ensure node version"
|
|
1405
1395
|
- if [ -f ~/.nvm/nvm.sh ]; then source ~/.nvm/nvm.sh; fi
|
|
1406
1396
|
- if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi
|
|
1407
|
-
-
|
|
1408
|
-
-
|
|
1397
|
+
- collapseable_section_end "nodeinstall"
|
|
1398
|
+
- collapseable_section_start "yarninstall" "Yarn install"
|
|
1409
1399
|
- yarn install --immutable
|
|
1410
|
-
-
|
|
1400
|
+
- collapseable_section_end "yarninstall"
|
|
1411
1401
|
- yarn build
|
|
1412
1402
|
cache:
|
|
1413
1403
|
- key: api-yarn
|
|
@@ -1418,10 +1408,6 @@ api 🧪 test:
|
|
|
1418
1408
|
policy: pull-push
|
|
1419
1409
|
paths:
|
|
1420
1410
|
- api/node_modules
|
|
1421
|
-
- key: api-next-cache
|
|
1422
|
-
policy: pull-push
|
|
1423
|
-
paths:
|
|
1424
|
-
- api/.next/cache
|
|
1425
1411
|
artifacts:
|
|
1426
1412
|
paths:
|
|
1427
1413
|
- api/__build_info.json
|
|
@@ -1452,7 +1438,7 @@ api 🧪 test:
|
|
|
1452
1438
|
KUBERNETES_MEMORY_REQUEST: 1Gi
|
|
1453
1439
|
KUBERNETES_MEMORY_LIMIT: 2Gi
|
|
1454
1440
|
script:
|
|
1455
|
-
-
|
|
1441
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1456
1442
|
- export APP_DIR="api"
|
|
1457
1443
|
- export DOCKER_BUILD_CONTEXT="."
|
|
1458
1444
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
@@ -1469,19 +1455,19 @@ api 🧪 test:
|
|
|
1469
1455
|
COPY --chown=node:node api/yarn.lock /app/api/yarn.lock
|
|
1470
1456
|
COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
|
|
1471
1457
|
COPY --chown=node:node .yarn /app/.yarn"
|
|
1472
|
-
-
|
|
1458
|
+
- collapseable_section_end "injectvars"
|
|
1473
1459
|
- ensureNodeDockerfile
|
|
1474
|
-
-
|
|
1460
|
+
- collapseable_section_start "docker-login" "Docker Login"
|
|
1475
1461
|
- docker login --username gitlab-ci-token --password $CI_JOB_TOKEN $CI_REGISTRY
|
|
1476
|
-
-
|
|
1477
|
-
-
|
|
1462
|
+
- collapseable_section_end "docker-login"
|
|
1463
|
+
- collapseable_section_start "docker-build" "Docker build"
|
|
1478
1464
|
- docker build --network host --cache-from $DOCKER_CACHE_IMAGE --tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG -f $APP_DIR/Dockerfile $DOCKER_BUILD_CONTEXT --build-arg BUILDKIT_INLINE_CACHE=1
|
|
1479
|
-
-
|
|
1480
|
-
-
|
|
1465
|
+
- collapseable_section_end "docker-build"
|
|
1466
|
+
- collapseable_section_start "docker-push" "Docker push and tag"
|
|
1481
1467
|
- docker push $DOCKER_IMAGE:$DOCKER_IMAGE_TAG
|
|
1482
1468
|
- docker tag $DOCKER_IMAGE:$DOCKER_IMAGE_TAG $DOCKER_CACHE_IMAGE
|
|
1483
1469
|
- docker push $DOCKER_CACHE_IMAGE
|
|
1484
|
-
-
|
|
1470
|
+
- collapseable_section_end "docker-push"
|
|
1485
1471
|
cache:
|
|
1486
1472
|
- key: api-yarn
|
|
1487
1473
|
policy: pull
|
|
@@ -1498,8 +1484,8 @@ api 🧪 test:
|
|
|
1498
1484
|
image: aquasec/trivy:0.38.3
|
|
1499
1485
|
variables: {}
|
|
1500
1486
|
script:
|
|
1501
|
-
-
|
|
1502
|
-
-
|
|
1487
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1488
|
+
- collapseable_section_end "injectvars"
|
|
1503
1489
|
- trivy fs --quiet --format cyclonedx --output "__sbom.json" api
|
|
1504
1490
|
artifacts:
|
|
1505
1491
|
paths:
|
|
@@ -1518,24 +1504,23 @@ api 🧪 test:
|
|
|
1518
1504
|
KUBERNETES_MEMORY_REQUEST: 200Mi
|
|
1519
1505
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1520
1506
|
script:
|
|
1521
|
-
-
|
|
1507
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1522
1508
|
- export ENV_SHORT="prod"
|
|
1523
1509
|
- export APP_DIR="api"
|
|
1524
1510
|
- export ENV_TYPE="prod"
|
|
1525
1511
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1526
1512
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1527
1513
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1528
|
-
- export
|
|
1514
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1529
1515
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1530
|
-
- export
|
|
1531
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1516
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1532
1517
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1533
1518
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1534
1519
|
- export KUBE_APP_NAME="api"
|
|
1535
1520
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1536
1521
|
- export POSTGRESQL_PASSWORD="$CL_prod_api_POSTGRESQL_PASSWORD"
|
|
1537
1522
|
- export cloudsqlProxyCredentials="$CL_prod_api_cloudsqlProxyCredentials"
|
|
1538
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1523
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1539
1524
|
- export DOCKER_REGISTRY="$CI_REGISTRY"
|
|
1540
1525
|
- export DOCKER_CACHE_IMAGE="$CI_REGISTRY_IMAGE/caches/api"
|
|
1541
1526
|
- export DOCKER_IMAGE_NAME="prod/api"
|
|
@@ -1547,21 +1532,20 @@ api 🧪 test:
|
|
|
1547
1532
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1548
1533
|
- export HELM_ARGS=""
|
|
1549
1534
|
- export COMPONENT_NAME="api"
|
|
1550
|
-
-
|
|
1551
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1535
|
+
- collapseable_section_end "injectvars"
|
|
1552
1536
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1553
1537
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1554
1538
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
1555
1539
|
- kubectl config use-context "kube-pan-test-app-prod-api"
|
|
1556
|
-
-
|
|
1540
|
+
- collapseable_section_start "writeallvalues" "Write __all_values.yml for helm deployment"
|
|
1557
1541
|
- |
|
|
1558
1542
|
cat > __all_values.yml <<EOF
|
|
1559
1543
|
env:
|
|
1560
1544
|
secret:
|
|
1561
1545
|
POSTGRESQL_PASSWORD: |-
|
|
1562
|
-
|
|
1546
|
+
$(printf %s "$CL_prod_api_POSTGRESQL_PASSWORD" | sed '1!s/^/ /')
|
|
1563
1547
|
cloudsqlProxyCredentials: |-
|
|
1564
|
-
|
|
1548
|
+
$(printf %s "$CL_prod_api_cloudsqlProxyCredentials" | sed '1!s/^/ /')
|
|
1565
1549
|
public:
|
|
1566
1550
|
ENV_SHORT: |-
|
|
1567
1551
|
prod
|
|
@@ -1570,18 +1554,16 @@ api 🧪 test:
|
|
|
1570
1554
|
ENV_TYPE: |-
|
|
1571
1555
|
prod
|
|
1572
1556
|
BUILD_INFO_BUILD_ID: |-
|
|
1573
|
-
|
|
1557
|
+
$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed '1!s/^/ /')
|
|
1574
1558
|
BUILD_INFO_BUILD_TIME: |-
|
|
1575
|
-
|
|
1559
|
+
$(printf %s "$CI_JOB_STARTED_AT" | sed '1!s/^/ /')
|
|
1576
1560
|
BUILD_INFO_CURRENT_VERSION: |-
|
|
1577
|
-
|
|
1578
|
-
|
|
1561
|
+
$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")" | sed '1!s/^/ /')
|
|
1562
|
+
HOSTNAME: |-
|
|
1579
1563
|
api.prod.test-app.pan.panter.cloud
|
|
1580
1564
|
ROOT_URL: |-
|
|
1581
1565
|
https://api.prod.test-app.pan.panter.cloud
|
|
1582
|
-
|
|
1583
|
-
api.prod.test-app.pan.panter.cloud
|
|
1584
|
-
HOST_CANONICAL: |-
|
|
1566
|
+
HOSTNAME_INTERNAL: |-
|
|
1585
1567
|
api.prod.test-app.pan.panter.cloud
|
|
1586
1568
|
ROOT_URL_INTERNAL: |-
|
|
1587
1569
|
https://api.prod.test-app.pan.panter.cloud
|
|
@@ -1591,7 +1573,7 @@ api 🧪 test:
|
|
|
1591
1573
|
api
|
|
1592
1574
|
KUBE_APP_NAME_PREFIX: ""
|
|
1593
1575
|
_ALL_ENV_VAR_KEYS: |-
|
|
1594
|
-
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","
|
|
1576
|
+
["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOSTNAME","ROOT_URL","HOSTNAME_INTERNAL","ROOT_URL_INTERNAL","KUBE_NAMESPACE","KUBE_APP_NAME","KUBE_APP_NAME_PREFIX","POSTGRESQL_PASSWORD","cloudsqlProxyCredentials"]
|
|
1595
1577
|
application:
|
|
1596
1578
|
host: |-
|
|
1597
1579
|
api.prod.test-app.pan.panter.cloud
|
|
@@ -1623,7 +1605,7 @@ api 🧪 test:
|
|
|
1623
1605
|
unmanaged
|
|
1624
1606
|
|
|
1625
1607
|
EOF
|
|
1626
|
-
-
|
|
1608
|
+
- collapseable_section_end "writeallvalues"
|
|
1627
1609
|
- kubernetesCreateSecret
|
|
1628
1610
|
- kubernetesDeploy
|
|
1629
1611
|
- echo 'Uploading SBOM to Dependency Track'
|
|
@@ -1659,32 +1641,30 @@ api 🧪 test:
|
|
|
1659
1641
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1660
1642
|
GIT_STRATEGY: none
|
|
1661
1643
|
script:
|
|
1662
|
-
-
|
|
1644
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1663
1645
|
- export ENV_SHORT="prod"
|
|
1664
1646
|
- export APP_DIR="api"
|
|
1665
1647
|
- export ENV_TYPE="prod"
|
|
1666
1648
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1667
1649
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1668
1650
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1669
|
-
- export
|
|
1651
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1670
1652
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1671
|
-
- export
|
|
1672
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1653
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1673
1654
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1674
1655
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1675
1656
|
- export KUBE_APP_NAME="api"
|
|
1676
1657
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1677
1658
|
- export POSTGRESQL_PASSWORD="$CL_prod_api_POSTGRESQL_PASSWORD"
|
|
1678
1659
|
- export cloudsqlProxyCredentials="$CL_prod_api_cloudsqlProxyCredentials"
|
|
1679
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1660
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1680
1661
|
- export RELEASE_NAME="pan-test-app-prod-api"
|
|
1681
1662
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1682
1663
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1683
1664
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1684
1665
|
- export HELM_ARGS=""
|
|
1685
1666
|
- export COMPONENT_NAME="api"
|
|
1686
|
-
-
|
|
1687
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1667
|
+
- collapseable_section_end "injectvars"
|
|
1688
1668
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1689
1669
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1690
1670
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|
|
@@ -1718,32 +1698,30 @@ api 🧪 test:
|
|
|
1718
1698
|
KUBERNETES_MEMORY_LIMIT: 400Mi
|
|
1719
1699
|
GIT_STRATEGY: none
|
|
1720
1700
|
script:
|
|
1721
|
-
-
|
|
1701
|
+
- collapseable_section_start "injectvars" "Injecting variables"
|
|
1722
1702
|
- export ENV_SHORT="prod"
|
|
1723
1703
|
- export APP_DIR="api"
|
|
1724
1704
|
- export ENV_TYPE="prod"
|
|
1725
1705
|
- export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"
|
|
1726
1706
|
- export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"
|
|
1727
1707
|
- export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\/v//'); [ -z "$tag" ] && echo "0.0.0" || echo "$tag")"
|
|
1728
|
-
- export
|
|
1708
|
+
- export HOSTNAME="api.prod.test-app.pan.panter.cloud"
|
|
1729
1709
|
- export ROOT_URL="https://api.prod.test-app.pan.panter.cloud"
|
|
1730
|
-
- export
|
|
1731
|
-
- export HOST_CANONICAL="api.prod.test-app.pan.panter.cloud"
|
|
1710
|
+
- export HOSTNAME_INTERNAL="api.prod.test-app.pan.panter.cloud"
|
|
1732
1711
|
- export ROOT_URL_INTERNAL="https://api.prod.test-app.pan.panter.cloud"
|
|
1733
1712
|
- export KUBE_NAMESPACE="pan-test-app-prod"
|
|
1734
1713
|
- export KUBE_APP_NAME="api"
|
|
1735
1714
|
- export KUBE_APP_NAME_PREFIX=""
|
|
1736
1715
|
- export POSTGRESQL_PASSWORD="$CL_prod_api_POSTGRESQL_PASSWORD"
|
|
1737
1716
|
- export cloudsqlProxyCredentials="$CL_prod_api_cloudsqlProxyCredentials"
|
|
1738
|
-
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"
|
|
1717
|
+
- export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOSTNAME\\",\\"ROOT_URL\\",\\"HOSTNAME_INTERNAL\\",\\"ROOT_URL_INTERNAL\\",\\"KUBE_NAMESPACE\\",\\"KUBE_APP_NAME\\",\\"KUBE_APP_NAME_PREFIX\\",\\"POSTGRESQL_PASSWORD\\",\\"cloudsqlProxyCredentials\\"]"
|
|
1739
1718
|
- export RELEASE_NAME="pan-test-app-prod-api"
|
|
1740
1719
|
- export HELM_EXPERIMENTAL_OCI="1"
|
|
1741
1720
|
- export KUBE_DOCKER_IMAGE_PULL_SECRET="gitlab-registry-api"
|
|
1742
1721
|
- export HELM_GITLAB_CHART_NAME="/helm-charts/the-panter-chart"
|
|
1743
1722
|
- export HELM_ARGS=""
|
|
1744
1723
|
- export COMPONENT_NAME="api"
|
|
1745
|
-
-
|
|
1746
|
-
- echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"
|
|
1724
|
+
- collapseable_section_end "injectvars"
|
|
1747
1725
|
- kubectl config set-cluster "kube-pan-test-app-prod-api" --server="$CL_prod_api_KUBE_URL" --certificate-authority <(echo $CL_prod_api_KUBE_CA_PEM | base64 -d) --embed-certs=true
|
|
1748
1726
|
- kubectl config set-credentials "kube-pan-test-app-prod-api" --token="$CL_prod_api_KUBE_TOKEN"
|
|
1749
1727
|
- kubectl config set-context "kube-pan-test-app-prod-api" --cluster="kube-pan-test-app-prod-api" --user="kube-pan-test-app-prod-api" --namespace="pan-test-app-prod"
|